Date: Wed, 8 May 2019 11:08:33 +0200 From: Michael Tuexen <tuexen@freebsd.org> To: Conrad Meyer <cem@FreeBSD.org> Cc: src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r347239 - head/sys/dev/random Message-ID: <21F2F871-42E2-4572-97ED-C50CD00F9FC0@freebsd.org> In-Reply-To: <201905080045.x480jGpo032140@repo.freebsd.org> References: <201905080045.x480jGpo032140@repo.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> On 8. May 2019, at 02:45, Conrad Meyer <cem@FreeBSD.org> wrote: >=20 > Author: cem > Date: Wed May 8 00:45:16 2019 > New Revision: 347239 > URL: https://svnweb.freebsd.org/changeset/base/347239 >=20 > Log: > random: x86 driver: Prefer RDSEED over RDRAND when available I get a lot of random_sources_feed: rs_read for hardware device 'Intel Secure Key RNG' = returned no entropy. entries in /var/log/messages now... Any idea how to turn them off? Best regards Michael >=20 > Per > = https://software.intel.com/en-us/blogs/2012/11/17/the-difference-between-r= drand-and-rdseed > , RDRAND is a PRNG seeded from the same source as RDSEED. The source = is > more suitable as PRNG seed material, so prefer it when the RDSEED = intrinsic > is available (indicated in CPU feature bits). >=20 > Reviewed by: delphij, jhb, imp (earlier version) > Approved by: secteam(delphij) > Security: yes > Sponsored by: Dell EMC Isilon > Differential Revision: https://reviews.freebsd.org/D20192 >=20 > Modified: > head/sys/dev/random/ivy.c >=20 > Modified: head/sys/dev/random/ivy.c > = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D > --- head/sys/dev/random/ivy.c Wed May 8 00:40:08 2019 = (r347238) > +++ head/sys/dev/random/ivy.c Wed May 8 00:45:16 2019 = (r347239) > @@ -44,11 +44,13 @@ __FBSDID("$FreeBSD$"); >=20 > #include <machine/md_var.h> > #include <machine/specialreg.h> > +#include <x86/ifunc.h> >=20 > #include <dev/random/randomdev.h> >=20 > #define RETRY_COUNT 10 >=20 > +static bool has_rdrand, has_rdseed; > static u_int random_ivy_read(void *, u_int); >=20 > static struct random_source random_ivy =3D { > @@ -57,10 +59,9 @@ static struct random_source random_ivy =3D { > .rs_read =3D random_ivy_read > }; >=20 > -static inline int > -ivy_rng_store(u_long *buf) > +static int > +x86_rdrand_store(u_long *buf) > { > -#ifdef __GNUCLIKE_ASM > u_long rndval; > int retry; >=20 > @@ -75,11 +76,40 @@ ivy_rng_store(u_long *buf) > : "+r" (retry), "=3Dr" (rndval) : : "cc"); > *buf =3D rndval; > return (retry); > -#else /* __GNUCLIKE_ASM */ > - return (0); > -#endif > } >=20 > +static int > +x86_rdseed_store(u_long *buf) > +{ > + u_long rndval; > + int retry; > + > + retry =3D RETRY_COUNT; > + __asm __volatile( > + "1:\n\t" > + "rdseed %1\n\t" /* read randomness into rndval */ > + "jc 2f\n\t" /* CF is set on success, exit retry loop = */ > + "dec %0\n\t" /* otherwise, retry-- */ > + "jne 1b\n\t" /* and loop if retries are not exhausted = */ > + "2:" > + : "+r" (retry), "=3Dr" (rndval) : : "cc"); > + *buf =3D rndval; > + return (retry); > +} > + > +DEFINE_IFUNC(static, int, x86_rng_store, (u_long *buf), static) > +{ > + has_rdrand =3D (cpu_feature2 & CPUID2_RDRAND); > + has_rdseed =3D (cpu_stdext_feature & CPUID_STDEXT_RDSEED); > + > + if (has_rdseed) > + return (x86_rdseed_store); > + else if (has_rdrand) > + return (x86_rdrand_store); > + else > + return (NULL); > +} > + > /* It is required that buf length is a multiple of sizeof(u_long). */ > static u_int > random_ivy_read(void *buf, u_int c) > @@ -90,7 +120,7 @@ random_ivy_read(void *buf, u_int c) > KASSERT(c % sizeof(*b) =3D=3D 0, ("partial read %d", c)); > b =3D buf; > for (count =3D c; count > 0; count -=3D sizeof(*b)) { > - if (ivy_rng_store(&rndval) =3D=3D 0) > + if (x86_rng_store(&rndval) =3D=3D 0) > break; > *b++ =3D rndval; > } > @@ -104,14 +134,14 @@ rdrand_modevent(module_t mod, int type, void = *unused) >=20 > switch (type) { > case MOD_LOAD: > - if (cpu_feature2 & CPUID2_RDRAND) { > + if (has_rdrand || has_rdseed) { > random_source_register(&random_ivy); > printf("random: fast provider: \"%s\"\n", = random_ivy.rs_ident); > } > break; >=20 > case MOD_UNLOAD: > - if (cpu_feature2 & CPUID2_RDRAND) > + if (has_rdrand || has_rdseed) > random_source_deregister(&random_ivy); > break; >=20 >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?21F2F871-42E2-4572-97ED-C50CD00F9FC0>